microsandbox

v0.5.3 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 4d Virtualization

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

agents ai container docker linux macos

+12 more

mcp nodejs orchestration rust sandbox sandboxing security self-hosted typescript virtualization vm windows

Summary

AI summary

Updates network, cli, and deps across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	Enforce sandbox name byte limit. Enforce sandbox name byte limit. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Medium	Harden volume mount options. Harden volume mount options. Source: llm_adapter@2026-05-30 Confidence: high	—
Feature	Medium	Add copy and rootfs patch commands to CLI. Add copy and rootfs patch commands to CLI. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix
Bugfix	Medium	Sync guest clock with host's. Sync guest clock with host's. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Flush TLS intercept upstream writes. Flush TLS intercept upstream writes. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Fix DNS UDP response delivery to guests. Fix DNS UDP response delivery to guests. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Handle body‑continuation chunks across rustls reads for secrets. Handle body‑continuation chunks across rustls reads for secrets. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Refresh stale SDK docs and Node typings. Refresh stale SDK docs and Node typings. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Harden secret handling and UDP ports in network layer. Harden secret handling and UDP ports in network layer. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	Map bind mount ownership for guest users. Map bind mount ownership for guest users. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Low	Set HOME environment variable for implicit root executions in agentd. Set HOME environment variable for implicit root executions in agentd. Source: granite4.1:30b@2026-05-30-audit Confidence: low	—

Full changelog

What's Changed

chore: refresh npm lockfile after v0.5.2 by @github-actions[bot] in https://github.com/superradcompany/microsandbox/pull/828
feat(sandbox): enforce sandbox name byte limit by @appcypher in https://github.com/superradcompany/microsandbox/pull/830
fix(runtime): sync guest clock with host's by @toksdotdev in https://github.com/superradcompany/microsandbox/pull/833
fix(network): flush tls intercept upstream writes by @toksdotdev in https://github.com/superradcompany/microsandbox/pull/834
feat(mounts): harden volume mount options by @appcypher in https://github.com/superradcompany/microsandbox/pull/832
Fix DNS UDP response delivery to guests by @enricoschaaf in https://github.com/superradcompany/microsandbox/pull/824
fix(secrets): handle body-continuation chunks across rustls reads by @jachris in https://github.com/superradcompany/microsandbox/pull/784
feat(cli): add copy and rootfs patch commands by @appcypher in https://github.com/superradcompany/microsandbox/pull/838
fix(sdk): refresh stale docs and node typings by @appcypher in https://github.com/superradcompany/microsandbox/pull/840
fix(network): harden secret handling and UDP ports by @appcypher in https://github.com/superradcompany/microsandbox/pull/836
fix(filesystem): map bind mount ownership for guest users by @appcypher in https://github.com/superradcompany/microsandbox/pull/839
feat(cli): add env-backed secret shorthand by @appcypher in https://github.com/superradcompany/microsandbox/pull/842
chore(deps): bump astral-tokio-tar from 0.6.1 to 0.6.2 in the cargo group across 1 directory by @dependabot[bot] in https://github.com/superradcompany/microsandbox/pull/843
docs: restore changelog and stop releases from dropping mintlify docs by @toksdotdev in https://github.com/superradcompany/microsandbox/pull/848
docs: reorganize navigation (references tab + consolidate ssh) by @toksdotdev in https://github.com/superradcompany/microsandbox/pull/849
fix(agentd): set HOME for implicit root execs by @appcypher in https://github.com/superradcompany/microsandbox/pull/846
chore(deps): bump the cargo group across 1 directory with 2 updates by @dependabot[bot] in https://github.com/superradcompany/microsandbox/pull/847
chore(release): bump microsandbox to 0.5.3 by @appcypher in https://github.com/superradcompany/microsandbox/pull/835

Full Changelog: https://github.com/superradcompany/microsandbox/compare/v0.5.2...v0.5.3

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track microsandbox

Get notified when new releases ship.

About microsandbox

secure, local, cross-platform and programmable sandboxes for AI agents

All releases →

microsandbox

Summary

Changes in this release

What's Changed

Related context

Related tools